33 lines
742 B
Nix
33 lines
742 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
{
|
|
sops = {
|
|
age.keyFile = "/home/emenel/.config/sops/age/keys.txt"; # must have no password!
|
|
defaultSopsFile = ./secrets.yaml;
|
|
secrets = {
|
|
filez = {};
|
|
media-server = {};
|
|
};
|
|
templates."media-server-secrets".content = ''
|
|
username=media
|
|
password=${config.sops.placeholder.media-server}
|
|
'';
|
|
templates."filez-secrets".content = ''
|
|
username=admin
|
|
password=${config.sops.placeholder.filez}
|
|
'';
|
|
};
|
|
|
|
|
|
environment.etc = {
|
|
"nixos/filez-secrets" = {
|
|
source = config.sops.templates."filez-secrets".path;
|
|
group = "users";
|
|
};
|
|
"nixos/media-server-secrets" = {
|
|
source = config.sops.templates."media-server-secrets".path;
|
|
group = "users";
|
|
};
|
|
};
|
|
|
|
}
|